Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/x7_FxhkbTYN5vctwser8mjD2ksM.roa
File: x7_FxhkbTYN5vctwser8mjD2ksM.roa (raw, json)
Hash identifier: ixjMxfKrpLttKGHb7XcPwDYsOccvZHh4HS3oHHcw4V8=
Subject key identifier: C7:BF:C5:C6:19:1B:4D:83:79:BD:CB:70:B1:EA:FC:9A:30:F6:92:C3
Certificate issuer: /CN=351a14ce9d25239b92fe5abce532515044c1aba4
Certificate serial: 018CC3B71C261682E2D4BE587EF7988E1710
Authority key identifier: 35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/x7_FxhkbTYN5vctwser8mjD2ksM.roa
Signing time: Mon 01 Jan 2024 06:30:06 +0000
ROA not before: Mon 01 Jan 2024 06:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39511
IP address blocks: 2a05:91c3:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:1c:26:16:82:e2:d4:be:58:7e:f7:98:8e:17:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a14ce9d25239b92fe5abce532515044c1aba4
Validity
Not Before: Jan 1 06:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7bfc5c6191b4d8379bdcb70b1eafc9a30f692c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:01:ad:40:c9:d6:87:c6:15:2a:5a:36:b8:9d:
6f:fa:ec:4c:af:0e:0a:76:2d:f8:29:08:b6:00:9b:
58:71:79:ca:fa:bc:db:a4:6d:d6:15:2d:7b:f2:8d:
01:d2:80:de:58:ff:af:53:68:1e:6d:28:e0:f5:ee:
6f:d7:ea:31:33:a2:a0:9d:57:3b:2c:f7:ce:2a:73:
9c:ad:29:c6:51:90:18:e4:3e:f4:91:23:eb:16:c5:
fc:ce:ce:4a:70:ed:2f:d1:66:1f:07:bc:89:69:98:
71:84:aa:d0:5f:bc:11:50:10:e5:90:7e:d3:01:c6:
11:6f:f5:91:14:a4:85:20:8e:27:00:42:d3:ae:33:
08:56:fe:8b:d2:fd:2f:e0:27:c2:be:f4:6f:1d:4d:
3b:ae:8d:0d:a1:3c:d5:55:d2:fc:5b:6b:49:8b:22:
a7:b0:b5:65:0b:7a:7f:b2:ac:f4:c3:0a:87:95:f7:
1e:74:d4:01:72:54:24:a1:4d:51:85:74:a2:a0:5f:
97:87:a5:99:60:99:e9:3e:d1:96:7c:20:5d:35:c7:
8c:fe:7b:23:a4:35:72:05:7b:97:c8:26:ee:a4:9d:
8c:bf:a7:79:0b:8e:2d:23:ff:8b:df:94:dd:4b:4f:
6d:d0:9a:ca:41:8e:3c:7f:d1:29:55:44:22:6b:0a:
5b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:BF:C5:C6:19:1B:4D:83:79:BD:CB:70:B1:EA:FC:9A:30:F6:92:C3
X509v3 Authority Key Identifier:
keyid:35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/x7_FxhkbTYN5vctwser8mjD2ksM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:91c3:1::/48
Signature Algorithm: sha256WithRSAEncryption
7c:5a:c1:4f:ac:77:a7:6f:41:93:25:b2:27:2c:7b:0a:af:8c:
17:9f:e6:b2:08:4f:df:b8:22:72:b8:4a:94:d0:eb:10:e8:f5:
f6:bf:94:ed:72:74:eb:ae:c4:e3:9b:b2:ec:64:77:7a:f1:7f:
8d:80:c8:e4:82:e4:c1:d2:7f:41:9b:0c:a6:92:fc:9e:52:2d:
66:c4:d6:57:1e:f4:01:ba:b3:d0:81:e4:56:f5:40:d9:6a:fd:
f1:d1:2b:83:d8:73:50:28:a8:f1:86:c7:9d:7b:e0:fe:9c:0b:
b5:7b:d9:3f:40:ed:b4:a0:81:4a:8f:a7:38:ee:f1:23:87:84:
d6:2b:56:7f:cf:59:1e:ff:fe:47:cb:93:70:d6:0b:03:53:43:
34:e7:2b:72:b7:cd:85:b3:c7:c3:8e:7c:42:81:27:a0:d1:e3:
08:bb:e6:58:0c:cd:54:f6:1b:2e:0a:3a:2e:ab:98:ff:a0:af:
bc:96:84:10:95:d1:c5:a6:f4:f7:95:b4:0e:6b:b3:df:a6:1f:
c3:98:91:40:25:89:39:1b:f8:6b:4c:52:8c:19:f7:f1:25:bd:
33:a3:98:8a:6c:47:84:25:34:1c:5b:81:b7:64:be:8b:c5:d3:
5e:c6:ee:00:34:35:f4:be:48:b4:7b:d4:33:10:c7:a0:03:fd:
10:51:4d:75
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDtxwmFoLi1L5YfveYjhcQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWExNGNlOWQyNTIzOWI5MmZlNWFiY2U1MzI1MTUwNDRj
MWFiYTQwHhcNMjQwMTAxMDYzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2JmYzVjNjE5MWI0ZDgzNzliZGNiNzBiMWVhZmM5YTMwZjY5MmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngGtQMnWh8YVKlo2uJ1v+uxMrw4K
di34KQi2AJtYcXnK+rzbpG3WFS178o0B0oDeWP+vU2gebSjg9e5v1+oxM6KgnVc7
LPfOKnOcrSnGUZAY5D70kSPrFsX8zs5KcO0v0WYfB7yJaZhxhKrQX7wRUBDlkH7T
AcYRb/WRFKSFII4nAELTrjMIVv6L0v0v4CfCvvRvHU07ro0NoTzVVdL8W2tJiyKn
sLVlC3p/sqz0wwqHlfcedNQBclQkoU1RhXSioF+Xh6WZYJnpPtGWfCBdNceM/nsj
pDVyBXuXyCbupJ2Mv6d5C44tI/+L35TdS09t0JrKQY48f9EpVUQiawpb8QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMe/xcYZG02Deb3LcLHq/Jow9pLDMB8GA1UdIwQY
MBaAFDUaFM6dJSObkv5avOUyUVBEwaukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEt
Mjk1Mzg5NGIxZjZkLzEveDdfRnhoa2JUWU41dmN0d3NlcjhtakQya3NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEtMjk1Mzg5NGIxZjZk
LzEvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgWRwwAB
MA0GCSqGSIb3DQEBCwUAA4IBAQB8WsFPrHenb0GTJbInLHsKr4wXn+ayCE/fuCJy
uEqU0OsQ6PX2v5TtcnTrrsTjm7LsZHd68X+NgMjkguTB0n9BmwymkvyeUi1mxNZX
HvQBurPQgeRW9UDZav3x0SuD2HNQKKjxhsede+D+nAu1e9k/QO20oIFKj6c47vEj
h4TWK1Z/z1ke//5Hy5Nw1gsDU0M05ytyt82Fs8fDjnxCgSeg0eMIu+ZYDM1U9hsu
Cjouq5j/oK+8loQQldHFpvT3lbQOa7Pfph/DmJFAJYk5G/hrTFKMGffxJb0zo5iK
bEeEJTQcW4G3ZL6LxdNexu4ANDX0vki0e9QzEMegA/0QUU11
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:45:38 2024 by rpki-client on console-fra.rpki-client.org